Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2006-2465

Published: 19/05/2006 Updated: 31/05/2014
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 520
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Mp3info

Vulnerability Summary

Buffer overflow in MP3Info 0.8.4 allows malicious users to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.

Vulnerable Product Search on Vulmon Subscribe to Product

mp3info mp3info 0.8.4

Vendor Advisories

Debian CVElist Bug Report Logs: mp3info: CVE-2006-2465: buffer overflow via command-line argument
Debian Bug report logs - #368207 mp3info: CVE-2006-2465: buffer overflow via command-line argument Package: mp3info; Maintainer for mp3info is Paweł Więcek <coven@debianorg>; Source for mp3info is src:mp3info (PTS, buildd, popcon) Reported by: Alec Berryman <alec@thenednet> Date: Sat, 20 May 2006 14:48:12 UTC Se ...

Exploits

Exploit DB: MP3Info 0.8.5a - Buffer Overflow
# Waste of CPU clock N2 # Exploit for: mp3info! Latest version # Author: jsacco - jsacco@exploitpackcom # Vendor: ibiblioorg/mp3info/ # No-one-cares-about programs! junk = "\x90\x90\x90\x90"*8 shellcode = "\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80" buffer = "\x90\x90\x90\x90"*89 eip = "\x10\xf0\xff\xbf" pr ...
Exploit DB: MP3Info 0.8.5a - Local Buffer Overflow (SEH)
# Exploit Title: mp3info SEH exploit # Date: 18 March 2014 # Exploit Author: Ayman Sagy <aymansagy [at] gmailcom> # Vendor Homepage: ibiblioorg/mp3info/ # Software Link: wwwexploit-dbcom/apps/cb7b619a10a40aaac2113b87bb2b2ea2-mp3info-085atgz # Version: MP3Info 085 # Tested on: Windows 7 Ultimate 64 and 32 bit # CVE : 20 ...

References

NVD-CWE-Otherhttp://www.securiteam.com/exploits/5GP0E15IKO.htmlhttp://www.securityfocus.com/bid/18016http://securitytracker.com/id?1016108http://www.exploit-db.com/exploits/32358http://packetstormsecurity.com/files/125786/MP3Info-0.8.5-SEH-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/124955/Mp3info-Stack-Buffer-Overflow.htmlhttp://osvdb.org/show/osvdb/30945https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368207https://nvd.nist.govhttps://www.exploit-db.com/exploits/31220/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377CVE-2024-20859CVE-2023-49606injectarbitrary CVE-2024-33788CVE-2024-30973IDORCVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook